Advisory: Sophos Endpoint "Your connection isn't private" after reboot. Policy settings can be returned to normal. See: KB-000045954 for the latest updates.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SMTP DoS settings (methodology)

Have already been referred here:

https://doc.sophos.com/nsg/sophos-firewall/19.5/help/en-us/webhelp/onlinehelp/AdministratorHelp/Email/GeneralSettings/index.html#smtp-settings

I wonder if any of you guys can share with me what and why your settings are for:

Max Connections

Maximum Connections / Host

Max emails / connection

max recipients / email

Emails rate

Connections rate

I have a single on premise exchange server behind the firewall.



This thread was automatically locked due to age.
  • Hello there,

    Thank you for contacting the Sophos Community.

    I'd recommend you contact your Sales Engineer/Professional Services to help you determine the value of each setting for your environment. 

    They’ll vary for any deployment since it is not the same to set Max Connection for a Firewall that only works as an MTA than one that works as web Filter with encryption enabled and a high number of employees since this value involves or you have to take in consideration the CPU, Memory, Network, etc.

    The maximum connection per host, should be calculated on the expected usage patterns. 

    Max Emails per connection: this one should be calculated by calculating your email server capacity and underlayer network.

    The rest are more self-explanatory based on the Documentation. Still, again, I recommend you talk to your Sales Engineer/Prof Service so they can assist you in tweaking the setting after surveying your email traffic. However most people that uses the setting just leave them the default values.

    Regards,


     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.